There are 5 open security issues in bullseye.
5 issues left for the package maintainer to handle:
- CVE-2023-22655:
(postponed; to be fixed through a stable update)
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2023-28746:
(postponed; to be fixed through a stable update)
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2023-38575:
(postponed; to be fixed through a stable update)
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2023-39368:
(postponed; to be fixed through a stable update)
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access.
- CVE-2023-43490:
(postponed; to be fixed through a stable update)
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.
You can find information about how to handle these issues in the security team's documentation.